What the vulnerability does
01Description
Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-24306
CRITICAL
CVE-2026-24306: Azure Front Door Elevation of Privilege Vulnerability
CVSS base score
9.8/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Key dates
02Disclosure timeline
January 22, 2026
CVE published
April 1, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-44290
CVE-2023-25150 Document content of files can be obtained through Collabora for files of other users
CVE-2018-25092 Vaerys-Dawn DiscordSailv2 Command Mention access control
CVE-2025-21213 Secure Boot Security Feature Bypass Vulnerability
CVE-2024-45129 Adobe Commerce | Improper Access Control (CWE-284)
